Diversity & Inclusion is at the core of how we build a great product. We are proud to be a top supporter of our local Girl Develop It (GDI) chapter, that every year trains women in a variety of coding languages and skills. Learn more about GDI and Duo's values: http://glassdoor.com/slink.htm?key=vQllx

As a woman working in the tech field, Ronda Bergman is something of a rarity. The 48-year-old fell in love with tech when one of her college counselors pushed her to take a programming class. Outside the joy of the work itself, however, her past 18 years working as a programmer haven't always been professional bliss.

Duo Security – Why Work For Us?

Our mission is to be the worldwide leader in secure access for companies of all sizes. Duo Security protects organizations against data breaches by ensuring only legitimate users and appropriate devices have access to sensitive data and applications - anytime, anywhere.

Duo was founded with the belief that security can only be effective if it is easy to use. Through that vision, Duo has built a world-class security platform that is actually enjoyable to use. Duo supports thousands of customers and millions of users in organizations like Accenture, Boston Medical, Emblem Health, Facebook, Tanium, Toyota, Twitter, Virginia Tech, Yelp and others, and enjoys the highest NPS score in the industry. Duo was founded by CEO Dug Song, and CTO Jon Oberheide, two respected pioneers in the security community. The company has offices in Ann Arbor, San Mateo, Austin and London.

Read more

Skateboard. Guitars. Mohawks. Owl Costumes.

At Duo you'll find them all - but these are not what defines our culture.

Our products are based on empathy. This approach allows us to really understand our client's needs. To listen to them. To achieve our mission of supporting their mission. That applies to our people, too.

What makes Duo special is the inclusiveness of our team. All ideas, backgrounds, and approaches are welcome - and encouraged. We share a deep passion for the work we do, and for each other.

We also believe that to do your best work in the office you need to have a robust life outside of it. This belief shapes our policies, our benefits, and how we treat our team.

Read more

We're the most loved company in security. Come build with us.

Every employee makes a difference at Duo. From developing new ways to prevent security breaches to helping customers maintain their own success, we're always looking for ways to improve. It's an environment where you can pursue your own ideas about how to build a great business. We pride ourselves on having an open, collaborative environment where people can do great work, learn a lot and have fun.

Building a better future.

At Duo, you have an opportunity to build products that address one of the biggest global business challenges faced today.

Our team is what makes Duo special. Every day you'll work beside leaders in their field rocket scientists to coders to designers.

We're in high-growth mode, that means a lot of opportunity for growth and development (and of course some chaos at times).

We also believe that a thriving personal live is the key to a successful team, and take our commitment to work-life balance seriously.

Read more

So You Want to Be an InfoSec Professional...

In August, some of the Labs team chatted on an AMA on Reddit. One of the most common questions we got was, “How did you get started in infosec, and how do I get started?”

Our most common answer within the team was, “Hacking video games!”, which drew some much-deserved ire from our fellow gamers. But beyond that, we all got our start in different ways with different specialties. Two of our senior Labs hackers shared their stories:

My first real hacking experience was on the family Apple ][, which had a modem. I used my Dad’s X.25 account to start exploring systems by trial and error. A lot of systems had splash screens that would say things like “use ‘guest’ and ‘password’ if you don’t have an account” or some other instruction to allow access. Encountering systems that didn’t have this message required accounts and passwords you’d have to just guess. I actually had no idea this was considered “hacking.” In the process of looking around on various systems and local BBSs, I stumbled into the underground.

That helped immensely, as I’d really gotten into breaking copy protection on floppy disks for pirating software. I developed this interest because my dad was in what was, in essence, a warez group as part of his job. There was plenty of info on this on various BBSs, but the best info was on the hacker BBSs.

Back then, for some lost reason I used a different handle on every system. As it turns out, Operation Sundevil missed me, probably in part because of this habit. I eventually settled on the handle “Simple Nomad” when I got onto Hacker’s Haven in the 303 area code, and stuck with that.

Between USENET, IRC and security conferences, way back last century I eventually met in-person many hackers I knew, including Dug Song. I was there when security companies starting snarfing up hackers and forming research departments, where I met Steve Manzuik. Eventually, everyone got all serious and the fun was sucked out of security research — until I found out from Steve that Duo was hiring and wanted to put the fun back into hacking. Yay!

As a little kid, I was already annoying my parents by taking apart things like our TV and VCR, but I didn’t get my first computer until I was around 10 years old. This was back in the 8086-and-5 ¼-inch-floppy-disk days. In my small town there were only two or three other kids that had computers, but we immediately began comparing high scores to our favorite games.

Very quickly this turned into, “Who can cheat the best at our favorite games?,” and we pooled our money together to buy whatever game we were interested in and then attempted to copy it. Even back then, software companies would attempt to protect their titles from piracy, but I quickly learned that I was pretty good at figuring out ways around it, even building a hardware device that plugged into the floppy drive controller that helped in some of the more extreme cases.

It wasn’t long before I discovered a few hacking-themed BBSs, which led to finding some of the amazing text files back then from old phreaking groups like Legions of Doom. This further sparked my interest, and I read every text file I could get my hands on. Back then, I’d actually print them up on my dot matrix printer so I could read them offline.

My first job out of high school was in IT, but I always maintained an interest in all things security and hacking. In the 90s, I met a hacker who back then was the person to talk to about hacking Novell Netware systems, which I was working with a lot in my job. We ended up getting along and learning from each other until one day he told me about an open position on one of the early research teams — BindView RAZOR. I jumped at the chance to take my first real security job, and since then I haven’t looked back. Incidentally, this hacker was a much younger Simple Nomad, whose story you just read.

For me, the best way I learned and gained the skills that I use in my job today was by spending a lot of time reading and experimenting with technology. Obviously, in this day and age, one has to be careful to not cross any lines when experimenting, but luckily we have the ability to run virtual environments to use as targets, rather than real-world systems.

A great resource to get your feet wet in infosec is Diogo Felix’s Awesome Infosec list. That list’s Related Awesome Lists section links to various specializations and related concepts.

Have questions? Interested, but you need inspiration for a project? Stuck on a step of your n00b projects? We had a blast doing the AMA, and we’d love to keep the conversation going with you at community.duo.com.

Read more

Want to work at the forefront of technology with a company that supports some of the largest and fastest growing organizations in the world? But you're in an early stage of your career? No worries!

Learn how the Duo Internship Program can give you a jump start. View all of our opportunities: duo.com/careers.

Best job I've ever had. Incredible opportunity to build products that customers love, and work on an important mission to protect organizations from data breach. The company is growing quickly. For those who see this as an opportunity to have a big impact on the company, it's a wonderful place to roll up your sleeves and dive in. Really good work/life balance. Incredibly smart, kind people. I'm eager to come into work every day. I'm excited by the nature of my work, and my collaborators. I'm learning a lot, have autonomy, support from my manager, and room to grow.

Cons

If you're someone who thrives in an environment that doesn't change very much, or has a lot of structure and processes already in place, you might not thrive here. Duo is growing and changing quickly. It makes it fun and exciting, but only if you're interested in chipping in on the project of building the company itself.

Advice to Management

Keep doing what you're doing. Continue investing in individuals' careers, honoring work/life balance, and working hard to create an amazing place to come to work every day. Also, thanks. :)

Difficulty

I applied online. The process took 2 weeks. I interviewed at Duo Security (London, England (UK)) in December 2016.

Interview

This has been by far the best interview process I've ever been part of and I was planning to write a positive review regardless of whether I had an offer or not. I applied through the website on a Thursday, received an e-mail to set up a call with the recruiter the following Monday, and two weeks after that first call I had an offer!

Linda, the internal recruiter, is efficient, kind, smart, supportive, honest, down-to-earth, and has just made it such a pleasure to deal with Duo from start to finish - any company who needs to make a good first impression on candidates should just work on cloning her, really. Right from the start we set clear guidelines on how best to work together throughout the process (open communication, transparency on other job offers, approachability, open feedback loops) and I can't stress enough how nice it was to work like that.

Everything was well-organised and I always felt like whoever I was speaking to actually cared about what I was looking for in a job, rather than just trying to find out whether I ticked their boxes. I met with various people in the Customer Success department (both US & UK), as well as others in the London office, so was able to get a well-rounded view of what working at Duo would be like. You can definitely see and hear that everyone who works there is excited to be part of Duo and shares common goals and values, but was also honest when I asked what would potentially put someone off joining Duo (answer was generally "people who aren't used to a start-up environment may take a while to adapt" - very fair). Also - the hiring manager was SO helpful in the phone call when I asked what I could study to set myself up for success in the role if I moved forward, and took the time to take me through the most relevant parts of the documentation on the website. Really refreshing when I thought he would just throw a few words and topics at me with an "off you go" approach...by far exceeded expectations already.

All in all - can't wait to get started!

Interview Questions

How do you approach situations where your UK client may be blocked from doing what they need to, but you have to contend with a time difference and wait for support in the US to move forward with a solution? 1 Answer

Follow Duo Security

Company Videos

Glassdoor gives you an inside look at what it's like to work at Duo Security, including salaries, reviews, office photos, and more. This is the Duo Security company profile. All content is posted anonymously by employees working at Duo Security.